CVE-2015-9194

CVE Database · CVE-2015-9194

CVE-2015-9194

· N/AModified

CVSS v3.1

N/A

EPSS

0.90%

Published

Apr 18, 2018

Modified

Nov 20, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, during module load at TZ Startup, memory statically allocated by modules was not being properly set to zero first. Allowing the module to execute without reset gives it access to information from previous app thus leading to information exposure.

Weaknesses (CWE)

CWE-200

Affected Products (30)

qualcomm · sd_427_firmwarevulnerable

qualcomm · sd_427

qualcomm · sd_435_firmwarevulnerable

qualcomm · sd_435

qualcomm · sd_210_firmwarevulnerable

qualcomm · sd_210

qualcomm · sd_212_firmwarevulnerable

qualcomm · sd_212

qualcomm · sd_205_firmwarevulnerable